PT-2025-36617 · Nuget · Magick.Net-Q16-Anycpu+17

Published: 2025-08-25 · Updated: 2025-08-25

CVSS v3.1: 3.3 (Low)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Summary

While processing a crafted TIFF file, ImageMagick crashes.

Details

The ImageMagick version is as follows:
imagemagick git/build 26jun23/bin/magick --version
Version: ImageMagick 7.1.1-13 (Beta) Q16-HDRI x86_64 56f478940:20230625 https://imagemagick.org
Copyright: (C) 1999 ImageMagick Studio LLC
License: https://imagemagick.org/script/license.php
Features: Cipher DPC HDRI 
Delegates (built-in): fontconfig freetype jbig jng jpeg lcms lzma pangocairo png tiff webp x xml zlib
Compiler: gcc (4.2)

PoC

The issue can be replicated with the following command and the provided PoC file (sent over email):
magick poc.tiff /dev/null

Impact

This can lead to application crash.

Credits

Please give credit to Hardik Shah of Vehere (Dawn Treaders team)

Fix

Heap Based Buffer Overflow


Weakness Enumeration

Related Identifiers

GHSA-FFF3-4RP7-PX97

Affected Products

Magick.Net-Q16-Anycpu
Magick.Net-Q16-Hdri-Anycpu
Magick.Net-Q16-Hdri-Openmp-Arm64
Magick.Net-Q16-Hdri-Openmp-X64
Magick.Net-Q16-Hdri-Arm64
Magick.Net-Q16-Hdri-X64
Magick.Net-Q16-Hdri-X86
Magick.Net-Q16-Openmp-Arm64
Magick.Net-Q16-Openmp-X64
Magick.Net-Q16-Arm64
Magick.Net-Q16-X64
Magick.Net-Q16-X86
Magick.Net-Q8-Anycpu
Magick.Net-Q8-Openmp-Arm64
Magick.Net-Q8-Openmp-X64
Magick.Net-Q8-Arm64
Magick.Net-Q8-X64
Magick.Net-Q8-X86